Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

 According to First Coast News, a 10,000-gallon tank containing 1,500 gallons of ink-making resin exploded Friday at the US Ink building in Jacksonville, Florida, sending one person to the hospital. (See item 9)

9. January 30, First Coast News – (Florida) Chemical explosion in NW Jacksonville hospitalizes one. A tank containing ink-making resin exploded in Northwest Jacksonville, Florida on January 30, sending one person to the hospital. Jacksonville Fire and Rescue got several calls about an explosion at the US Ink building. A 10,000-gallon tank that contains a resin blew up. About 1,500 gallons of resin were in the tank at the time. One employee was taken to a hospital with minor injuries. Operations at the plant were shut down for about 2 hours, but are back to normal now. US Ink produces inks for the printing industry. Source: http://www.firstcoastnews.com/news/mostpopular/news-article.aspx?storyid=130155&provider=top

 WISC 3 Madison reports that a bomb squad disarmed a pipe-like device found taped to the side of a fuel truck at the Middleton Airport in Dane County, Wisconsin on Sunday. Middleton police said a suspicious man was seen driving a pickup truck around the hangars and fuel pit. (See item 17)

17. February 2, WISC 3000 Madison – (Wisconsin) Suspicious pipe-like device found taped to airport fuel truck. The Dane County Bomb Squad disarmed a suspicious device found taped to the side of a fuel truck at the Middleton Airport on February 1. Middleton police said a suspicious man was seen driving a black Ford F-150 pickup truck around the hangars and fuel pit at around 8 a.m. on February 1. The man left after being confronted by airport personnel, WISC-TV reported. Authorities said the same man was seen again in the area of the airport gate. They said at around 4:30 p.m., a suspicious, pipe-like device was observed affixed to the side of a fuel truck at the airport. The fuel truck was in close proximity to other fuel storage tanks. All flights were diverted from the airport, and the surrounding area was evacuated by Middleton police and fire departments. The Dane County Bomb Squad took the pipe-like device to an open field to render it safe, WISC-TV reported. Source: http://www.channel3000.com/news/18617508/detail.html

Details

Banking and Finance Sector

14. February 2, New York Times – (International) No cash or credit card? Put it on your cell phone. Imagine a technology that lets you pay for products just by waving your cell phone over a reader. The technology exists, and people in Japan have been using it for the past five years to pay for everything from train tickets to groceries to candy in vending machines. And in small-scale trials around the world, including in Atlanta, New York and the Bay Area, nearly everyone has liked using this form of payment. But consumers in the United States will not be able to wave and pay with their cell phones anytime soon: The myriad companies that must work together to give the technology to the masses have yet to agree on how to split the resulting revenue. “In Japan it was easier,” explains the director for corporate business development at Nokia. “It was just the major guys saying, ‘This is how it will be.’” A single carrier, NTT DoCoMo, accounted for more than half the Japanese market at the time the system was rolled out and thus had significant leverage with financial institutions and handset manufacturers. This is not the case in the United States. For such payments to work here, cell phone manufacturers, carriers, financial institutions and retailers must all play roles. There also must be some sort of intermediary that is trusted by both the financial institutions and the carriers to activate the virtual credit cards inside the phone. One problem is that anyone using a credit card inside a cell phone is simultaneously a customer of the financial institution and of the carrier. “At the end of the day, the question is, ‘Who pays whom and how much?’” the directory says. “The carriers and the banks need to get their act together on payment.” He adds that the back-and-forth is a necessary step in the creation of a complex system. Short-range technology, called NFC, for near field communication, enables a phone to talk to an electronic reader. It is already in widespread use — though, outside Japan, often not in phones. Source: http://www.siliconvalley.com/personaltech/ci_11593235

15. February 1, Des Moines Register – (Iowa) Police warn U.S. Cellular customers of text message fraud. Police in Cedar Rapids, Des Moines and West Des Moines have received several reports this morning of fraudulent text messages being sent to U.S. Cellular customers from a company identifying itself as MetaBank. Police are advising anyone who has received these messages not to call the 1-800 number listed or give out any personal information. According to Cedar Rapids police, the text messages tell customers there has been a security breach on their account and to call a toll-free number that asks for a credit card number and personal information. U.S. Cellular is advising customers to instead call 6-1-1, the U.S. Cellular customer service line, and information will be passed on to the company’s fraud department. Source: http://www.desmoinesregister.com/article/20090201/NEWS/90201004/-1/NEWS04

16. January 31, Miami Herald – (Florida; Maryland; Utah) FDIC closes three banks. Federal regulators have closed three banks in Utah, Florida and Maryland — bringing to six the total number of failures this year. The FDIC was appointed receiver of the following banks: MagnetBank of Salt Lake City, Florida’s Ocala National Bank, and Suburban Federal Savings Bank in Crofton, Maryland. Source: http://www.miamiherald.com/business/story/881324.html

Information Technology

36. February 1, Earth Times – (International) Conficker worm spreading rapidly. The latest major threat to computing safety, the Conficker worm, is spreading rapidly throughout the Internet. The worm represents less of a risk to home PCs than networked computers at corporations and institutions, but that does not mean that stand-alone computers are immune to the threat, says a representative of the German Federal Agency for Security in Information Technology (BSI) in Bonn. The first crucial step for all users is to install the Microsoft patch (MS08-067) designed to close the security gap in Windows. A virus scanner with current virus definitions is also a must for identifying and removing the ill-intentioned program. Computers infected with the bug are forced to download and install additional malware. The worm, which is also known as Downadup and Kido, then attempts to crack weaker passwords. This worm has proven particularly difficult to stamp out because many users have failed to install the necessary patch, even though it has been available since October 2008. Conficker also has the ability to replicate itself onto USB sticks and hard drives. “For your home PC, you should have an antivirus program scan the USB stick before opening any files,” the expert recommends. It is also a good idea to deactivate the autostart function on USB storage media and to switch to robust passwords, if the user has not already done so. Antivirus software makers say an estimated 9 million computers are infected with Conficker worldwide. The majority of those are corporate and government networks. Interestingly, the worm does not like competition. As soon as it has successfully installed itself onto a machine, it then downloads the Microsoft patch on its own to prevent other malicious software from exploiting the same gap. Source: http://www.earthtimes.org/articles/show/253644,conficker-worm-spreading-rapidly.html

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"